@@ -391,28 +391,47 @@ int
391391boot_read_enc_key (const struct flash_area * fap , uint8_t slot , struct boot_status * bs )
392392{
393393 uint32_t off ;
394- #if MCUBOOT_SWAP_SAVE_ENCTLV
395394 uint32_t i ;
396- #endif
397395 int rc ;
396+ uint8_t * read_dst ;
397+ uint32_t read_size ;
398398
399- off = boot_enc_key_off (fap , slot );
400399#if MCUBOOT_SWAP_SAVE_ENCTLV
401- rc = flash_area_read (fap , off , bs -> enctlv [slot ], BOOT_ENC_TLV_ALIGN_SIZE );
400+ /* In this case we have stored entire encryted TLV in swap-state and bs->enckey
401+ * will be decrypted from the TLV.
402+ */
403+ BOOT_LOG_DBG ("boot_read_enc_key: TLV" );
404+ read_dst = bs -> enctlv [slot ];
405+ read_size = BOOT_ENC_TLV_ALIGN_SIZE ;
406+ #else
407+ BOOT_LOG_DBG ("boot_read_enc_key: RAW key" );
408+ read_dst = bs -> enckey [slot ];
409+ read_size = BOOT_ENC_KEY_ALIGN_SIZE ;
410+ #endif
411+
412+ off = boot_enc_key_off (fap , slot );
413+
414+ rc = flash_area_read (fap , off , read_dst , read_size );
402415 if (rc == 0 ) {
403- for (i = 0 ; i < BOOT_ENC_TLV_ALIGN_SIZE ; i ++ ) {
404- if (bs -> enctlv [ slot ] [i ] != 0xff ) {
416+ for (i = 0 ; i < read_size ; i ++ ) {
417+ if (read_dst [i ] != 0xff ) {
405418 break ;
406419 }
407420 }
408- /* Only try to decrypt non-erased TLV metadata */
409- if (i != BOOT_ENC_TLV_ALIGN_SIZE ) {
421+
422+ if (i == read_size ) {
423+ BOOT_LOG_ERR ("boot_read_enc_key: No key, read all 0xFF" );
424+ rc = 1 ;
425+ }
426+ #if MCUBOOT_SWAP_SAVE_ENCTLV
427+ else {
428+ /* read_dst is the same as bs->enctlv[slot], and serves as a source
429+ * of the encrypted key.
430+ */
410431 rc = boot_decrypt_key (bs -> enctlv [slot ], bs -> enckey [slot ]);
411432 }
412- }
413- #else
414- rc = flash_area_read (fap , off , bs -> enckey [slot ], BOOT_ENC_KEY_ALIGN_SIZE );
415433#endif
434+ }
416435
417436 return rc ;
418437}
0 commit comments